SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

Instructure confirms hackers used Canvas flaw to deface portals

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login ...
Dark Reading

Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain

Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open ...

'ClickFix' attack tricks users into hacking themselves, ACSC warns

ClickFix relies on tricking users into essentially hacking themselves by running commands that compromise their computers. In ...
TechJuice

Mini Shai-Hulud Worm Compromises Over 169 npm Packages

Mini Shai-Hulud worm compromises 169 npm packages including TanStack Mistral AI; TeamPCP uses stolen OIDC tokens.
Cyber Daily

The industry speaks – part 2: World Password Day 2026

However, the biggest human element threat in 2026 isn’t just password reuse – it’s the accidental insider threat created by ...

Daybreak is OpenAI's response to Anthropic's Claude Mythos

OpenAI has just launched Daybreak, a cybersecurity initiative that's clearly the company's competitor to Anthropic's Project ...

OpenAI just released its answer to Claude Mythos

Its launch comes just over a month after rival Anthropic announced Claude Mythos, a security-focused AI model it claimed was ...

Elite corporate lawyers accused of earning millions on insider trading, using bizarre code like, ‘How’s the rabbi?’

A ring of elite corporate lawyers were accused of illegally trading on inside info about blockbuster deals over a decade, ...
Macworld

Should you keep your MacBook plugged in when you’re using it?

Over the last several years, Apple has dramatically improved how it handles lithium-ion battery charging in iPhones, iPads, Macs, and Apple Watches. Across multiple system releases, the company moved ...